• DocumentCode
    3753840
  • Title

    Increasing Diversity in Network Intrusion Detection System Evaluation

  • Author

    Victor C. Valgenti;Min Sik Kim

  • Author_Institution
    Petabi, Inc., Irvine, CA, USA
  • fYear
    2015
  • Firstpage
    1
  • Lastpage
    7
  • Abstract
    The performance of Network Intrusion Detection Systems (NIDS) depends heavily on the inputs to the system (rules and network traffic). A common trend in the evaluation of NIDS is to use a narrow selection of publicly or privately available rule-sets and traffic. Private rule-sets and traffic make the repeatability of experiments difficult while publicly available rule-sets and traffic often lack the diversity to explore the NIDS´s true operating range. This can cause misleading results in the face of inputs that do not adequately test the NIDS. To improve diversity and provide better context for evaluations it is necessary to employ synthesized traffic and rules in addition to the use of public or private traffic and rule-sets. This research expands on previous models and tools to provide systematic means for increasing the diversity and context of any evaluation providing for a broader perspective from which to view NIDS performance and compare results.
  • Keywords
    "Ports (Computers)","Context","Intrusion detection","Market research","Privacy","Inspection","Automata"
  • Publisher
    ieee
  • Conference_Titel
    Global Communications Conference (GLOBECOM), 2015 IEEE
  • Type

    conf

  • DOI
    10.1109/GLOCOM.2015.7417740
  • Filename
    7417740